From 0fe63e6e270c519836e79147f18523dfe7c840ca Mon Sep 17 00:00:00 2001 From: Eric Hameleers Date: Sat, 10 Feb 2018 19:28:12 +0100 Subject: KDE 5_17.11: Fix vulnerability in plasma-workspace A patch was applied to mitigate CVE-2018-6791 (KDEBUG_389815). --- .../plasma-workspace_kdebug389815.patch | 32 ++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch (limited to 'kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch') diff --git a/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch b/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch new file mode 100644 index 0000000..e2f1e48 --- /dev/null +++ b/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch @@ -0,0 +1,32 @@ +From f32002ce50edc3891f1fa41173132c820b917d57 Mon Sep 17 00:00:00 2001 +From: Marco Martin +Date: Mon, 5 Feb 2018 13:12:51 +0100 +Subject: Make sure device paths are quoted + +in the case a vfat removable device has $() or `` in its label, +such as $(touch foo) the quoted command may get executed, +leaving an attack vector. Use KMacroExpander::expandMacrosShellQuote +to make sure everything is quoted and not interpreted as a command + +BUG:389815 +--- + soliduiserver/deviceserviceaction.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/soliduiserver/deviceserviceaction.cpp b/soliduiserver/deviceserviceaction.cpp +index f49c967..738b27c 100644 +--- a/soliduiserver/deviceserviceaction.cpp ++++ b/soliduiserver/deviceserviceaction.cpp +@@ -158,7 +158,7 @@ void DelayedExecutor::delayedExecute(const QString &udi) + + QString exec = m_service.exec(); + MacroExpander mx(device); +- mx.expandMacros(exec); ++ mx.expandMacrosShellQuote(exec); + + KRun::runCommand(exec, QString(), m_service.icon(), 0); + deleteLater(); +-- +cgit v0.11.2 + + -- cgit v1.2.3